General
Target
412483d8630f27d160d9baf8f9d2b4deeb510d0f351ce684e7c0619d26f1cc29
Size
5.7MB
Sample
220508-t2mjgacch2
MD5
4c41decf8b08f8d5bb5445cc37a7065b
SHA1
2c60eb30ac92c79746bf6cc75d718726031926b5
SHA256
412483d8630f27d160d9baf8f9d2b4deeb510d0f351ce684e7c0619d26f1cc29
SHA512
945860033f9909d54432e99b8376f6c723e9d4561db82b367bbd73171b06634011beb4539e8f83b91b6ffcd046e9b402aa7fc7fea7c22486746cb994f555a816
Static task
static1
Behavioral task
behavioral1
Sample
412483d8630f27d160d9baf8f9d2b4deeb510d0f351ce684e7c0619d26f1cc29.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
412483d8630f27d160d9baf8f9d2b4deeb510d0f351ce684e7c0619d26f1cc29.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
412483d8630f27d160d9baf8f9d2b4deeb510d0f351ce684e7c0619d26f1cc29
Score
10/10
Bazar/Team9 Loader payload
Tries to connect to .bazar domain
Attempts to look up or connect to a .bazar domain, used by BazarBackdoor, Trickbot, and potentially others.
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.